Abstract
The DEFENDERS project aims to enhance cybersecurity through the development of an integrated system based on three main pillars: Preparedness, Detection and Response, and Collective Protection. These pillars are supported by advanced technologies such as Artificial Intelligence (AI) and genetic models, which are utilized to identify aggressive penetration tests and develop effective mitigation tools. A key output of the project will be an online platform designed for sharing information gathered during attack events. The DEFENDERS methodology is based on ARCADE, which includes five viewpoints—Direction, Requirements, Architectural Elements, Sharing, and Implementation—used to analyze “non-ideal practices” and meet system objectives. ARCADE, inspired by IEEE 1471-2000 and ISO/IEC/IEEE 42010-2022, provides a framework for system analysis, design, and evaluation in IT and telecommunications, facilitating informed decision-making and aligning technical solutions with business needs.
The Preparedness Pillar centers on developing advanced penetration testing tools powered by AI models like GPT, Gemini, and BERT, as well as adversarial models. These tools process real-time system data and tailor tests to uncover vulnerabilities, simulating complex cyberattacks to boost security resilience. The Detection and Response Pillar introduces an extended detection and response system using federated learning, enabling AI models to train on distributed data without centralizing it. This enhances the models’ effectiveness in identifying and countering advanced threats while preserving data locality and privacy. By utilizing a broader dataset, the system improves detection accuracy and reinforces the protection of critical infrastructures.
The Collective Protection Pillar aims to foster a secure, collaborative defense environment by facilitating the secure exchange of information on cyber incidents. This approach enables organizations to share critical threat intelligence without compromising the confidentiality of sensitive infrastructure-related data. The design ensures improved resilience and security of digital systems by promoting a networked, community-based defense strategy. Overall, DEFENDERS sets the groundwork for a secure and resilient cyber ecosystem, advancing the protection of critical infrastructure and contributing to national and international cybersecurity efforts.